Take full advantage of converged voice and data networks while retaining the convenience and user-friendliness you expect from a business phone. Cisco Unified IP Phones can help improve productivity by meeting the needs of users throughout your organization. Advanced media endpoints in this innovative suite of Cisco Unified IP Phones enhance the end-user experience.

FIPS-140 is a US and Canadian government standard that specifies security requirements for cryptographic modules. A cryptographic module is defined as “the set of hardware, software, and/or firmware that implements approved security functions (including cryptographic algorithms and key generation) and is contained within the cryptographic boundary.” The cryptographic module is what is being validated.

Participants came to the discussion from many angles — infrastructure, engineering, architecture, urban design, planning, technology development, energy, to name just a few. That diversity of perspective certainly added a layer of richness to the debate, especially when skeptical voices worried about the longer-term impacts of the global recession. Clearly, there was a lot of ground to discover in one short event.

Three panelists, including myself, shared our background, experience, and views, and the floor was opened for what turned out to be a vigorous discussion. Our moderator was James T. Caldwell Ph.D., Director of UCGEC and the Chair of UCGEC’s Green Building and Ecocities Task Force. He also serves as a consultant to Heller Manus Architects, based in San Francisco, which is undertaking massive projects in China for their clients.

I laid out the story behind Cisco’s ‘Smart+Connected Communities’ initiative, which is improving the delivery of urban services while strengthening economic development in cities of varying sizes and types. I also explained some of S+CC’s current areas of focus, and presented some of the work now underway in Asia, Europe and North America. For more about IBSG’s perspective on this work be sure to take a look at the blog post, “Innovation in the 21st Century,” written by Nicola Villa, global director of IBSG’s Urban Innovations team. And for a deeper dive, you may want to review Nic’s white paper, “Connecting Cities: Achieving Sustainability Through Innovation,” which he co-authored with Shane Mitchell, IBSG Public Sector.

Joining me was Eric Lundquist, an architect, and Managing Director of Heller Manus Architects. Eric’s firm has clients with a total of 7,500 acres of development in California, Arizona, Texas, Florida, Russia, Mexico, and China, and he said that “we must recognize that each project has a unique geography, culture and its own strategic imperatives for sustainable, healthy and attractive communities.” Eric described “how diverse goals and ecological imperatives are integrated through architectural planning in partnership with key stakeholders.”

Ed Cazalet, Ph.D., and President and CEO of TeMix, Inc., also weighed in. With forty years of electric industry experience as a founder and CEO of several companies and as a Board member of the California ISO, Dr. Cazalet described TeMix’s “Smart Transactive Energy Services” as “useful for eco-city smart grids.” He explained that his company’s technology will “optimally coordinate renewable energy production, storage, grid demand, and traffic among all components and players on the grid.” He included in his presentation a review of renewable energy micro-grids, including one proposed by OSISoft for Hainan Island in China.

As we wrapped up for the day, I found myself reflecting on the initial statement the organizers released about the seminar’s focus: “The key to human survival and healthy fulfillment is strengthening economic, intellectual and social growth in ways that maintain healthy, resilient eco-systems (global, regional and local). Since all these variables change, we survive and thrive by designing, measuring, connecting and managing our built environments interactively. We adapt, innovate and change in full view of the unique and charming qualities of each city and ecosystem. In smart eco-city development, we connect its diverse natural environments, diverse communities and creative people with flexible, connected built environments. We interactively encourage, preserve and balance the special qualities and contributions of each city, species, community, individual and ecosystem. We cannot measure and manage every variable. This approach optimizes self-management, creative innovation and it minimizes unforeseen consequences.”

A spirited and robust conversation has begun; I look forward to its continuation.

My 3-day telework pledge will save me $81.90 in transportation costs and 122 pounds of pollutants for the week. If I continue the 3-day telework routine for a year, I will save $4,095 in transportation costs and 6,120 pounds of pollutants or 3.06 tons for the year. Imagine how much we could all save if every government worker and citizen was able to use network collaboration and video to work from home.

Also this week, the presidents of the Pacific Alliance member countries participated in the first Virtual Presidential Summit through TelePresence without the need to travel. During the 90-minute “Historic Presidential Summit,” the Presidents of Colombia, Mexico, Chile, Peru, Costa Rica and Panama (by telephone) were able to specify the fundamental points for the signature of the treaty for the “Pacific Alliance.”

Organizations implementing Continuous Monitoring strategies are remiss if they do not take into account the value of network telemetry in their approach. NIST Special Publication 800-137, Information Security Continuous Monitoring for Federal Information Systems and Organizations, provides guidance on the implementation of a Continuous Monitoring strategy, but fails to address the importance of network telemetry to that strategy. In fact, the 38-page document mentions the word “network” only 36 times. SP 800-137 instead focuses on two primary areas: configuration management and patch management. Both are fundamental aspects of managing an organization’s overall risk, but relying on those two aspects alone falls short of an effective Continuous Monitoring strategy for the following reasons.

First, the concepts around configuration and patch management are very component-specific: individual components of a system are configured and patched. While these are important, the focus is on vulnerabilities arising from improper configuration or known weaknesses in software. Second, this approach presumes that proper configuration control and timely patch management dramatically reduce the overall risk of exploitation to the organization’s information system.

While an environment that has proper configuration and patch management is less likely to be exposed to known threats, it is no better prepared to prevent or detect sophisticated threats based on unknown or day-zero exploits. Unfortunately, the customization and sophistication of malware are only growing. A recent threat report indicated that nearly 2/3 of Verizon’s data breach caseload was due to customized malware. It is also important to keep in mind that some amount of time passes between the moment a configuration error is identified and the moment it is fixed, and likewise before vulnerable software is patched. This window can afford an attacker a successful vector. For these reasons, organizations looking to implement a Continuous Monitoring strategy should depend on the network to provide a near real-time view of the transactions that are occurring. Understanding the behavior of the network is important for creating a more dynamic, risk-management-focused Continuous Monitoring strategy.

Network telemetry can consist of different types of information describing network transactions at various locations on the network. Two valuable telemetry sources are NetFlow and Network Secure Event Logging (NSEL). NetFlow is a mechanism that organizations can use to obtain a more holistic view of the enterprise risk picture. NetFlow is available on the majority of network platforms and builds transaction records of machine-to-machine communications, both within the enterprise boundary and for connections leaving the enterprise boundary. These communication records provide invaluable information and identify both policy violations and configuration errors. NetFlow also provides insight into malicious software communications and large quantities of information leaving an enterprise. Network Secure Event Logging uses the NetFlow protocol to transmit important information regarding activities occurring on enterprise firewalls. This is valuable data that can be aggregated with other NetFlow sources to bring additional context to the observed network behavior.
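The following added example, which is not part of the original post, parses NetFlow version 5 export datagrams and flags two of the conditions described above: policy violations and large quantities of data leaving the enterprise. It assumes the v5 export format; the internal address range, byte threshold and blocked-port policy are hypothetical values chosen for illustration, and the sample flows are constructed.

```python
import ipaddress
import struct
from collections import defaultdict

HEADER = struct.Struct("!HHIIIIBBH")                # NetFlow v5 header, 24 bytes
RECORD = struct.Struct("!4s4s4sHHIIIIHHBBBBHHBBH")  # NetFlow v5 flow record, 48 bytes
# Assumptions for this example: enterprise address space, threshold and egress policy.
INTERNAL = [ipaddress.ip_network("10.0.0.0/8")]
EGRESS_BYTES_LIMIT = 50_000_000
BLOCKED_EGRESS_PORTS = {23, 445}  # hypothetical policy: no Telnet/SMB across the boundary

def parse_v5(datagram):
    """Yield (src, dst, dst_port, protocol, octets) for each flow in one export datagram."""
    if len(datagram) < HEADER.size or HEADER.unpack_from(datagram)[0] != 5:
        raise ValueError("not a NetFlow v5 datagram")
    count = HEADER.unpack_from(datagram)[1]
    if len(datagram) < HEADER.size + count * RECORD.size:
        raise ValueError("truncated datagram")
    for i in range(count):
        f = RECORD.unpack_from(datagram, HEADER.size + i * RECORD.size)
        yield ipaddress.ip_address(f[0]), ipaddress.ip_address(f[1]), f[10], f[13], f[6]

def review(datagrams):
    """Return alerts for blocked-port egress and per-host outbound volume over the limit."""
    egress, alerts = defaultdict(int), []
    for dg in datagrams:
        for src, dst, dport, proto, octets in parse_v5(dg):
            if not any(src in n for n in INTERNAL) or any(dst in n for n in INTERNAL):
                continue  # keep only flows leaving the enterprise boundary
            egress[src] += octets
            if proto == 6 and dport in BLOCKED_EGRESS_PORTS:
                alerts.append(("policy-violation", str(src), f"{dst}:{dport}"))
    for src, total in sorted(egress.items()):
        if total > EGRESS_BYTES_LIMIT:
            alerts.append(("large-egress", str(src), total))
    return alerts

def build_v5(flows):
    """Pack (src, dst, dst_port, protocol, octets) tuples into a constructed v5 datagram."""
    out = HEADER.pack(5, len(flows), 0, 0, 0, 0, 0, 0, 0)
    for src, dst, dport, proto, octets in flows:
        out += RECORD.pack(ipaddress.ip_address(src).packed, ipaddress.ip_address(dst).packed,
                           bytes(4), 0, 0, 1, octets, 0, 0, 40000, dport, 0, 0, proto, 0, 0, 0, 0, 0, 0)
    return out

# Constructed sample flows (documentation address ranges), not captured traffic.
SAMPLE = [build_v5([("10.1.1.5", "203.0.113.9", 443, 6, 30_000_000),
                    ("10.1.1.7", "198.51.100.20", 23, 6, 1_200),
                    ("10.1.1.5", "10.2.2.2", 445, 6, 9_000)]),
          build_v5([("10.1.1.5", "203.0.113.9", 443, 6, 30_000_000)])]
```

Calling `review(SAMPLE)` reports the Telnet flow from 10.1.1.7 as a policy violation and 10.1.1.5 as a large-egress host, because its two outbound flows together exceed the threshold even though neither does alone.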

Coupling the configuration and patch management guidance in SP 800-137 with an active NetFlow monitoring capability will provide organizations with a Continuous Monitoring strategy that is more system-focused and more apt to foster a dynamic risk management environment. Cisco will be discussing NetFlow, NSEL and other security topics at the March 21st Government Solutions Forum in Washington, D.C. If you’re interested in learning more, click on the following URL:

How exactly are companies and cities going to successfully finance dramatic upgrades of urban connectivity? When will the financial engineers develop the tools which, when used, result in smarter and more prosperous communities where efficiencies are realized; where multiple urban systems are integrated; and where the return on investment shows up in improved local economies?
